Cache poisoning vulnerability found in BIND
Posted Jul 29, 2007 23:49 UTC (Sun) by dlang
(✭ supporter ✭
In reply to: Cache poisoning vulnerability found in BIND
Parent article: Cache poisoning vulnerability found in BIND
as for avoiding the "high cost of 'real' SSL certs", they are only really expensive if you buy them from the wrong place. you can get 'real' ssl certs for <$100 individually, and if you are a company that needs a lot of them you can get them in quantity for <$50 (you also don't have to get certs that expire after one year either)
the fact that some people think it's necessary to pay $900 per year for a cert is a testimate to stupidity and marketing.
and frankly if you consider $50 or $100 too expensive then I question if what you are protecting is worth bothering with SSL in the first place.
Self signed certs are not a problem if you use them properly and have the users tell their browsers to install it as a valid cert, but just using them without giving the users a way to do this and expecting them to click through the cert warning is bad for everyone and provides little security to your users.
to post comments)